Description
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x
before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before
13.13-cert4, and other products, allows remote attackers to cause a denial
of service (out-of-bounds read and application crash) via a crafted packet.
Package
Upstream: | released
(2.5.5~dfsg-6)
|
Ubuntu 14.04 ESM: | DNE
(trusty was released [2.1.0.0.ast20130823-1+deb8u1build0.14.04.1])
|
Patches:
Updated: 2022-04-13 13:07:33 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)